Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    3 vulnerabilities by pacercms

    CVE-2008-0451 (GCVE-0-2008-0451)

    Vulnerability from cvelistv5 – Published: 2008-01-24 23:00 – Updated: 2024-08-07 07:46
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in PacerCMS 0.6 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) siteadmin/article-edit.php; and unspecified parameters to (2) submitted-edit.php, (3) page-edit.php, (4) section-edit.php, (5) staff-edit.php, and (6) staff-access.php in siteadmin/.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2008-01-22 00:00
    Show details on NVD website
    To clipboard 

    {
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:46:54.547Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "pacercms-articleedit-sql-injection(39833)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39833"
          },
          {
            "name": "3574",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3574"
          },
          {
            "name": "20080122 PacerCMS Multiple Vulnerabilities (XSS/SQL)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/486796/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://pacercms.sourceforge.net/index.php/2008/01/21/pacercms-061-streamlines-code-base-addresses-security-issue/"
          },
          {
            "name": "27397",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27397"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-01-22T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple SQL injection vulnerabilities in PacerCMS 0.6 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) siteadmin/article-edit.php; and unspecified parameters to (2) submitted-edit.php, (3) page-edit.php, (4) section-edit.php, (5) staff-edit.php, and (6) staff-access.php in siteadmin/."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "pacercms-articleedit-sql-injection(39833)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39833"
        },
        {
          "name": "3574",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3574"
        },
        {
          "name": "20080122 PacerCMS Multiple Vulnerabilities (XSS/SQL)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/486796/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://pacercms.sourceforge.net/index.php/2008/01/21/pacercms-061-streamlines-code-base-addresses-security-issue/"
        },
        {
          "name": "27397",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27397"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0451",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple SQL injection vulnerabilities in PacerCMS 0.6 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) siteadmin/article-edit.php; and unspecified parameters to (2) submitted-edit.php, (3) page-edit.php, (4) section-edit.php, (5) staff-edit.php, and (6) staff-access.php in siteadmin/."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "pacercms-articleedit-sql-injection(39833)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39833"
            },
            {
              "name": "3574",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3574"
            },
            {
              "name": "20080122 PacerCMS Multiple Vulnerabilities (XSS/SQL)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/486796/100/0/threaded"
            },
            {
              "name": "http://pacercms.sourceforge.net/index.php/2008/01/21/pacercms-061-streamlines-code-base-addresses-security-issue/",
              "refsource": "MISC",
              "url": "http://pacercms.sourceforge.net/index.php/2008/01/21/pacercms-061-streamlines-code-base-addresses-security-issue/"
            },
            {
              "name": "27397",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/27397"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-0451",
    "datePublished": "2008-01-24T23:00:00.000Z",
    "dateReserved": "2008-01-24T00:00:00.000Z",
    "dateUpdated": "2024-08-07T07:46:54.547Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

    CVE-2008-0426 (GCVE-0-2008-0426)

    Vulnerability from cvelistv5 – Published: 2008-01-23 21:00 – Updated: 2024-08-07 07:46
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PacerCMS before 0.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) headline, or (3) text field in a message.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/486796/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/27386 vdb-entryx_refsource_BID
    http://secunia.com/advisories/28605 third-party-advisoryx_refsource_SECUNIA
    http://pacercms.sourceforge.net/index.php/2008/01… x_refsource_CONFIRM
    Date Public
    2008-01-21 00:00
    Show details on NVD website
    To clipboard 

    {
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:46:54.545Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "pacercms-submit-xss(39832)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39832"
          },
          {
            "name": "20080122 PacerCMS Multiple Vulnerabilities (XSS/SQL)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/486796/100/0/threaded"
          },
          {
            "name": "27386",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27386"
          },
          {
            "name": "28605",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28605"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://pacercms.sourceforge.net/index.php/2008/01/21/pacercms-061-streamlines-code-base-addresses-security-issue/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-01-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PacerCMS before 0.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) headline, or (3) text field in a message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "pacercms-submit-xss(39832)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39832"
        },
        {
          "name": "20080122 PacerCMS Multiple Vulnerabilities (XSS/SQL)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/486796/100/0/threaded"
        },
        {
          "name": "27386",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27386"
        },
        {
          "name": "28605",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28605"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://pacercms.sourceforge.net/index.php/2008/01/21/pacercms-061-streamlines-code-base-addresses-security-issue/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0426",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PacerCMS before 0.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) headline, or (3) text field in a message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "pacercms-submit-xss(39832)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39832"
            },
            {
              "name": "20080122 PacerCMS Multiple Vulnerabilities (XSS/SQL)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/486796/100/0/threaded"
            },
            {
              "name": "27386",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/27386"
            },
            {
              "name": "28605",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28605"
            },
            {
              "name": "http://pacercms.sourceforge.net/index.php/2008/01/21/pacercms-061-streamlines-code-base-addresses-security-issue/",
              "refsource": "CONFIRM",
              "url": "http://pacercms.sourceforge.net/index.php/2008/01/21/pacercms-061-streamlines-code-base-addresses-security-issue/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-0426",
    "datePublished": "2008-01-23T21:00:00.000Z",
    "dateReserved": "2008-01-23T00:00:00.000Z",
    "dateUpdated": "2024-08-07T07:46:54.545Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

    CVE-2007-5056 (GCVE-0-2007-5056)

    Vulnerability from cvelistv5 – Published: 2007-09-24 22:00 – Updated: 2024-08-07 15:17
    VLAI
    Summary
    Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/25768 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/40596 vdb-entryx_refsource_OSVDB
    https://www.exploit-db.com/exploits/5098 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/28886 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2007/3261 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/26928 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/41422 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/41426 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/28874 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://www.exploit-db.com/exploits/5090 exploitx_refsource_EXPLOIT-DB
    http://osvdb.org/41428 vdb-entryx_refsource_OSVDB
    https://www.exploit-db.com/exploits/5097 exploitx_refsource_EXPLOIT-DB
    http://www.attrition.org/pipermail/vim/2007-Septe… mailing-listx_refsource_VIM
    http://secunia.com/advisories/28873 third-party-advisoryx_refsource_SECUNIA
    https://www.exploit-db.com/exploits/4442 exploitx_refsource_EXPLOIT-DB
    https://www.exploit-db.com/exploits/5091 exploitx_refsource_EXPLOIT-DB
    http://secunia.com/advisories/28859 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/41427 vdb-entryx_refsource_OSVDB
    Date Public
    2007-09-21 00:00
    Show details on NVD website
    To clipboard 

    {
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:17:28.218Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openrealty-lastmodule-code-execution(40395)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40395"
          },
          {
            "name": "25768",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25768"
          },
          {
            "name": "sapidcmf-lastmodule-code-execution(40396)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40396"
          },
          {
            "name": "40596",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/40596"
          },
          {
            "name": "5098",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/5098"
          },
          {
            "name": "pacercms-lastmodule-code-execution(40389)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40389"
          },
          {
            "name": "28886",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28886"
          },
          {
            "name": "ADV-2007-3261",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3261"
          },
          {
            "name": "26928",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26928"
          },
          {
            "name": "41422",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/41422"
          },
          {
            "name": "journalness-lastmodule-code-execution(40393)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40393"
          },
          {
            "name": "41426",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/41426"
          },
          {
            "name": "28874",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28874"
          },
          {
            "name": "cmsmadesimple-adodbperfmod-code-execution(36733)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36733"
          },
          {
            "name": "5090",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/5090"
          },
          {
            "name": "41428",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/41428"
          },
          {
            "name": "5097",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/5097"
          },
          {
            "name": "20070924 CMS Made Simple eval injection is really an ADOdb Lite problem",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-September/001800.html"
          },
          {
            "name": "28873",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28873"
          },
          {
            "name": "4442",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/4442"
          },
          {
            "name": "5091",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/5091"
          },
          {
            "name": "28859",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28859"
          },
          {
            "name": "41427",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/41427"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-09-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openrealty-lastmodule-code-execution(40395)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40395"
        },
        {
          "name": "25768",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25768"
        },
        {
          "name": "sapidcmf-lastmodule-code-execution(40396)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40396"
        },
        {
          "name": "40596",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/40596"
        },
        {
          "name": "5098",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/5098"
        },
        {
          "name": "pacercms-lastmodule-code-execution(40389)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40389"
        },
        {
          "name": "28886",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28886"
        },
        {
          "name": "ADV-2007-3261",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3261"
        },
        {
          "name": "26928",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26928"
        },
        {
          "name": "41422",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/41422"
        },
        {
          "name": "journalness-lastmodule-code-execution(40393)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40393"
        },
        {
          "name": "41426",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/41426"
        },
        {
          "name": "28874",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28874"
        },
        {
          "name": "cmsmadesimple-adodbperfmod-code-execution(36733)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36733"
        },
        {
          "name": "5090",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/5090"
        },
        {
          "name": "41428",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/41428"
        },
        {
          "name": "5097",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/5097"
        },
        {
          "name": "20070924 CMS Made Simple eval injection is really an ADOdb Lite problem",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-September/001800.html"
        },
        {
          "name": "28873",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28873"
        },
        {
          "name": "4442",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/4442"
        },
        {
          "name": "5091",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/5091"
        },
        {
          "name": "28859",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28859"
        },
        {
          "name": "41427",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/41427"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5056",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openrealty-lastmodule-code-execution(40395)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40395"
            },
            {
              "name": "25768",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25768"
            },
            {
              "name": "sapidcmf-lastmodule-code-execution(40396)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40396"
            },
            {
              "name": "40596",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/40596"
            },
            {
              "name": "5098",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/5098"
            },
            {
              "name": "pacercms-lastmodule-code-execution(40389)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40389"
            },
            {
              "name": "28886",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28886"
            },
            {
              "name": "ADV-2007-3261",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3261"
            },
            {
              "name": "26928",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26928"
            },
            {
              "name": "41422",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/41422"
            },
            {
              "name": "journalness-lastmodule-code-execution(40393)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40393"
            },
            {
              "name": "41426",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/41426"
            },
            {
              "name": "28874",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28874"
            },
            {
              "name": "cmsmadesimple-adodbperfmod-code-execution(36733)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36733"
            },
            {
              "name": "5090",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/5090"
            },
            {
              "name": "41428",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/41428"
            },
            {
              "name": "5097",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/5097"
            },
            {
              "name": "20070924 CMS Made Simple eval injection is really an ADOdb Lite problem",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-September/001800.html"
            },
            {
              "name": "28873",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28873"
            },
            {
              "name": "4442",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/4442"
            },
            {
              "name": "5091",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/5091"
            },
            {
              "name": "28859",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28859"
            },
            {
              "name": "41427",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/41427"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5056",
    "datePublished": "2007-09-24T22:00:00.000Z",
    "dateReserved": "2007-09-24T00:00:00.000Z",
    "dateUpdated": "2024-08-07T15:17:28.218Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}